Embed Size (px)
Citation preview
Packet Leashes: A Defense against Wormhole Attacks in
Wireless Networks
Yih-Chun Hu (Carnegie Mellon University)
Adrian Perrig (Carnegie Mellon University)
David B. Johnson (Rice University)
Presented by: Jón T. Grétarsson5 April, 2005
CS577: Advanced Computer Networks
Outline
• Introduction• Problem Statement• Related Work• Assumptions and Notation• Detecting Wormhole Attacks• Temporal Leashes and the TIK Protocol• Evaluation• Conclusions
CS577: Advanced Computer Networks
Introduction
CS577: Advanced Computer Networks
The Authors
• Yih-Chun Hu
• Adrian Perrig
• David B. Johnson
CS577: Advanced Computer Networks
Problem Statement
Wormholes!
CS577: Advanced Computer Networks
Wormholes in MANET
• Packets are “tunneled” from one location to another
• If done reliably, no harm no foul
• If done selectively, much damage can be done!
S D
Wormhole
ColludingAttackers
CS577: Advanced Computer Networks
The Threat
• Permanent Denial-of-Service
• Disruption to Routing Protocols
• Unauthorized Access
CS577: Advanced Computer Networks
Related Work
CS577: Advanced Computer Networks
Related Work
• RF Watermarking
• Intrusion Detection
• 802.11i
CS577: Advanced Computer Networks
Assumptions and Notation
CS577: Advanced Computer Networks
Assumptions & Notation
• Resource Constrained Nodes
• Existing key distribution system
• HMAC - a message authentication code used for authentication
• Bidirectional links are not necessary
CS577: Advanced Computer Networks
Detecting Wormhole Attacks
CS577: Advanced Computer Networks
Leashes
• Somehow restrict the transmission distance of the packet
• Geographical Leashes
• Temporal Leashes
CS577: Advanced Computer Networks
Geographical Leashes
• Node Location
• Loosely Synchronized Clocks
• Bounded Velocity of packet
• dsr is distance between two nodes
• ∆ is error in time
CS577: Advanced Computer Networks
Temporal Leashes
• Requires tight synchronization of clocks
• MAC contention issues
• Digital signature scheme can guarantee timestamp
CS577: Advanced Computer Networks
Temporal Leashes and the TIK Protocol
CS577: Advanced Computer Networks
Authentication
• All information (timestamp, expiration, position) must be verified
• Traditional methods of verification are too expensive
• Merkle Hash Trees are the solution!
CS577: Advanced Computer Networks
Merkle Hash Trees
CS577: Advanced Computer Networks
TESLA with Instant Key Disclosure
CS577: Advanced Computer Networks
Evaluation
CS577: Advanced Computer Networks
How it was done
• Calculated required number of Hashes per second for algorithm
• Calculated computational power of portable devices
CS577: Advanced Computer Networks
Results
• Suitable for laptops and PDA’s, but not for resource scarce networks
• Not enough space to store the packet!
CS577: Advanced Computer Networks
Conclusions
CS577: Advanced Computer Networks
Conclusions
• Wormholes are dangerous! They can degrade performance of Mobile Ad Hoc routing algorithms
• Both Geographical and Temporal leashes can detect wormholes
• TIK is an implementation of Temporal leashes that can be used when there is sufficiently tight time synchronization
• TIK is not usable in resource-scarce networks
CS577: Advanced Computer Networks
Questions? Comments?
Donations?
CS577: Advanced Computer Networks
References
• Graphics borrowed from http://www.panda.uvic.ca/seminars/storage/PacketLeashes.ppt, http://www.ece.cmu.edu/~adrian/projects/ secure-routing/infocom2003.pdf
CS577: Advanced Computer Networks
